Home » Dell Manuals » Hubs & Switches » Dell PowerConnect W-IAP92 » Manual Viewer

Dell PowerConnect W-IAP92 Dell Instant 6.1.2.3-2.0.0.0 User Guide - Page 121

Intrusion Detection System, Rogue AP Detection and Classification, Wireless Intrusion Protection (WIP)

View all Dell PowerConnect W-IAP92 manuals

Add to My Manuals
Save this manual to your list of manuals

Page 121 highlights

Chapter 15 Intrusion Detection System Intrusion Detection System (IDS) is a feature that monitors the network for the presence of unauthorized IAPs and clients. It also logs information about the unauthorized IAPs and clients, and generates reports based on the logged information. Rogue AP Detection and Classification The most important IDS functionality offered in the Dell Instant network is the ability to detect rogue APs, interfering APs, and other devices that can potentially disrupt network operations. An AP is considered to be a rogue AP if it is both unauthorized and plugged into the wired side of the network. An AP is considered to be an interfering AP if it is seen in the RF environment but is not connected to the wired network. While the interfering AP can potentially cause RF interference, it is not considered a direct security threat since it is not connected to the wired network. However, an interfering AP may be reclassified as a rogue AP. Figure 91 Intrusion Detection Wireless Intrusion Protection (WIP) WIP offers a wide selection of intrusion detection and protection features to protect the network against wireless threats. Like most other security-related features of the Dell network, the WIP configuration can be done on the IAP. An administrator can configure the following five main options.  Infrastructure Detection Policies: Specifies which wireless attacks on access points to detect  Client Detection Policies: Specifies which wireless attacks on clients to detect  Infrastructure Protection Policies: Specifies which wireless attacks on access points to protect against  Client Protection Policies: Specifies which wireless attacks on clients to protect against  Containment Methods: To prevent unauthorized stations from connecting to your Instant network. In each of these options there are several default levels that enable different sets of policies. An administrator can customize (enable/disable) these options accordingly. Dell PowerConnect W-Series Instant Access Point 6.1.2.3-2.0.0.0 | User Guide Intrusion Detection System | 121

Section	Page
Dell PowerConnect W-Series Instant Access Point 6.1.2.3-2.0.0.0	1
Contents	3
Figures	9
Tables	13
About this Guide	15
Dell PowerConnect W-Instant Access Point Overview	15
Supported Devices	15
Objective	15
Intended Audience	15
Conventions	16
Website Contact	16
Initial Configuration	17
Initial Setup	17
Pre-Installation Checklist	17
Connecting the IAP to a Power Source	18
Assigning an IP Address to the IAP	18
Connecting to a Provisioning Wi-Fi Network	18
Login into Instant User Interface	19
Specifying the Country Code	20
Instant User Interface	21
Understanding the Instant UI Layout	21
Banner	22
Search	22
Tabs	22
Networks Tab	22
Access Points Tab	23
Clients Tab	23
Links	24
New version available	24
Users	24
Settings	25
Servers	26
Roles	26
Maintenance	26
Support	27
Help	30
Logout	31
Monitoring	31
Alerts	33
IDS	35
Language	36
AirWave Setup	36
Pause/Resume	37
Views	37
Wireless Network	39
Network Types	39
Employee Network	39
Adding an Employee Network	40
Voice Network	46
Adding a Voice Network	47
Guest Network	50
Adding a Guest Network	50
Editing a Network	53
Deleting a Network	54
Mesh Network	55
Mesh Instant Access Points	55
Mesh Portals	55
Mesh Points	55
Instant Mesh Setup	56
Managing IAPs	59
Auto Join Mode	59
Disabling Auto Join Mode	59
LED Display	60
Terminal Access	61
TFTP Dump Server	61
Syslog Server	62
Syslog Levels	62
Adding an IAP to the Network	63
Removing an IAP from the Network	63
Editing IAP Settings	64
Changing IAP Name	64
Changing IP Address of the IAP	64
Configuring Adaptive Radio Management	66
Migrating from a Virtual Controller Managed Network to Mobility Controller Managed Network	66
Rebooting the IAP	68
Firmware Image Server in Cloud Network	69
Automatic Firmware Image Check and Upgrade	70
Upgrading to new version	70
Manual Firmware Image Check and Upgrade	71
NTP Server	73
Configuring an NTP Server	73
Virtual Controller	75
Master Election Protocol	75
Virtual Controller IP Address	75
Specifying Name and IP Address for the Virtual Controller	75
Configuring the DHCP Server	76
Authentication	77
Authentication Methods in Dell Instant	77
802.1X Authentication	77
Internal RADIUS Server	77
External RADIUS Server	78
Authentication Terminated on IAP	78
Configuring an External RADIUS Server	79
Enabling Instant RADIUS	80
RADIUS Server Authentication with VSA	81
List of supported VSA’s	81
Management Authentication Settings	84
Captive Portal	85
Internal Captive Portal	85
Configuring Internal Captive Portal Authentication when Adding a Guest Network	85
Configuring Internal Captive Portal Authentication when Editing a Guest Network	86
Configuring Internal Captive Portal with External Radius Server Authentication when Adding a Guest Network	86
Customizing a Splash Page	87
Disabling Captive Portal authentication	88
External Captive Portal	89
Configuring External Captive Portal Authentication when Adding a Guest Network	89
Configuring External Captive Portal Authentication when Editing a Guest Network	90
External Captive Portal Authentication via Dell PowerConnect W-ClearPass GuestConnect	90
Creating a Web Login page in the Dell PowerConnect W-ClearPass GuestConnect	90
Configuring the RADIUS Server in Instant	91
Mac Authentication	91
Configuring Mac Authentication	91
Walled Garden Access	93
Creating Walled Garden Access	93
Certificates	94
Loading Certificates	94
Encryption	97
Encryption Types Supported in Dell Instant	97
WEP	97
TKIP	97
AES	97
Encryption Recommendations	97
Understanding WPA and WPA2	98
Recommended Authentication and Encryption Combinations	98
Role Derivation	99
User Roles	99
Creating a New User Role	99
Creating Role Assignment Rules	100
Instant Firewall	103
Service Options	103
Destination Options	105
Example Access Rules	105
Allow TCP service to a particular network	105
Allow PoP3 service to a particular server	106
Deny FTP service except to a particular server	107
Deny bootp service except to a particular network	108
Content Filtering	111
Enabling Content Filtering	111
Enterprise Domains	112
OS Fingerprinting	113
Adaptive Radio Management	115
ARM Features	115
Channel or Power Assignment	115
Voice Aware Scanning	115
Load Aware Scanning	115
Band Steering Mode	115
Airtime Fairness Mode	116
Airtime Fairness Modes	116
Customize valid channels	116
Min transmit power	116
Max transmit power	117
Client Aware	117
Scanning	117
Wide Channel Bands	117
Monitoring the Network with ARM	117
ARM Metrics	117
Configuring Administrator Assigned Radio Settings for IAP	117
Configuring Radio Profiles in Instant	119
Intrusion Detection System	121
Rogue AP Detection and Classification	121
Wireless Intrusion Protection (WIP)	121
Containment Methods	125
SNMP	127
SNMP Parameters for IAP	127
SNMP Traps	129
Airwave Integration and Management	131
AirWave Features	131
Image Management	131
IAP and Client Monitoring	131
Template Based Configuration	132
Trending Reports	132
Intrusion Detection System	132
Wireless Intrusion Detection System (WIDS) Event Reporting to Airwave	132
RF Visualization support for Dell Instant	132
Configuring AirWave	133
Creating your Organization String	133
About Shared Key	133
Entering the Organization String and AMP Information into the IAP	134
Airwave Discovery through DHCP Option	134
Monitoring	135
Virtual Controller View	135
Monitoring Link	136
Info	136
RF Dashboard	136
Usage Trends	136
Client Alerts Link	137
IDS Link	137
Network View	138
Info	138
Usage Trends	139
Instant Access Point View	140
Info	141
RF Dashboard	141
RF Trends	141
Usage Trends	143
Client View	144
Info	144
RF Dashboard	144
RF Trends	145
Mobility Trail	147
Alert Types and Management	149
Alert Types	149
User Database	151
Adding a User	151
Editing User Settings	152
Deleting a User	152
Regulatory Domain	153
Country Codes List	154
Abbreviations	157

Match case Limit results 1 per page

Dell PowerConnect W-Series Instant Access Point 6.1.2.3-2.0.0.0

User Guide

Intrusion Detection System

121

Chapter 15

Intrusion Detection System

Intrusion Detection System (IDS) is a feature that monitors the network for the presence of unauthorized IAPs

and clients. It also logs information about the unauthorized IAPs and clients, and generates reports based on the

logged information.

Rogue AP Detection and Classification

The most important IDS functionality offered in the Dell Instant network is the ability to detect rogue APs,

interfering APs, and other devices that can potentially disrupt network operations. An AP is considered to be a

rogue AP if it is both unauthorized and plugged into the wired side of the network. An AP is considered to be an

interfering AP if it is seen in the RF environment but is not connected to the wired network. While the

interfering AP can potentially cause RF interference, it is not considered a direct security threat since it is not

connected to the wired network. However, an interfering AP may be reclassified as a rogue AP.

Figure 91

Intrusion Detection

Wireless Intrusion Protection (WIP)

WIP offers a wide selection of intrusion detection and protection features to protect the network against wireless

threats. Like most other security-related features of the Dell network, the WIP configuration can be done on the

IAP.

An administrator can configure the following five main options.



Infrastructure Detection Policies: Specifies which wireless attacks on access points to detect



Client Detection Policies: Specifies which wireless attacks on clients to detect



Infrastructure Protection Policies: Specifies which wireless attacks on access points to protect against



Client Protection Policies: Specifies which wireless attacks on clients to protect against



Containment Methods: To prevent unauthorized stations from connecting to your Instant network.

In each of these options there are several default levels that enable different sets of policies. An administrator can

customize (enable/disable) these options accordingly.